CVE-2023-34093

🗓️ 25 Jul 2023 15:13:15Reported by GoogleType

osv🔗 osv.dev👁 8 Views

Strapi prior to version 4.10.8 allows unauthorized access to private attributes of Content-Type, potentially exposing sensitive information and compromising system security

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 8
Vulnrichment	CVE-2023-34093 Strapi allows actors to make all attributes on a content-type public without noticing it	25 Jul 202314:54	–	vulnrichment
Cvelist	CVE-2023-34093 Strapi allows actors to make all attributes on a content-type public without noticing it	25 Jul 202314:54	–	cvelist
Prion	Design/Logic Flaw	25 Jul 202315:15	–	prion
OSV	Making all attributes on a content-type public without noticing it	25 Jul 202317:17	–	osv
Veracode	Information Disclosure	26 Jul 202312:12	–	veracode
NVD	CVE-2023-34093	25 Jul 202315:15	–	nvd
CVE	CVE-2023-34093	25 Jul 202315:15	–	cve
Github Security Blog	Making all attributes on a content-type public without noticing it	25 Jul 202317:17	–	github

Source	Link
github	www.github.com/strapi/strapi/security/advisories/GHSA-chmr-rg2f-9jmf
github	www.github.com/strapi/strapi/commit/2fa8f30371bfd1db44c15e5747860ee5789096de
github	www.github.com/strapi/strapi/releases/tag/v4.10.8

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

25 Jul 2023 15:15Current

6.8Medium risk

Vulners AI Score6.8

CVSS34.8 - 7.1

EPSS0.00069

SSVC